<?php
/*
+-----------------------------------------------------------------------------+
| $Id: *.php 2009-08-18 08:41:22Z Bleakwind $
| Copyright (c) 2003-2010 Bleakwind (www.weaverdream.com)
| http://www.weaverdream.com/
+-----------------------------------------------------------------------------+
*/

if (!defined( 'ENTRY_INDEX')){
    echo "<h1>Forbidden</h1><p>You don't have permission to access on this server.</p>";
    exit;
}

$setting_cover['length']    = 40;
$setting_cover['size']      = 2097152;
$setting_cover['type']      = ".gif,.jpg,.png";
$setting_cover['dir']       = date("Y")."/".date("Ym")."/".date("Ymd")."/";

$sys->get['channel_id'] = empty($sys->get['channel_id']) ? "0" : (int)$sys->get['channel_id'];
$sys->return_channel_current($sys->get['channel_id']);
$t->assign(array(
    "channel_current" => $sys->channel_current,
));

// public ajax
function upload_submit($form,$action,$prompt)  
{
    global $LANGUAGE,$LANGLIST,$SETTING;
    $ajax_response = new xajaxResponse();
    $ajax_response->assign($prompt, "innerHTML", "<img src=\"".$SETTING['dir_images_admin']."/loading.gif\" border=\"0\" align=\"absmiddle\" />");
    $ajax_response->remove($form."_upload_target");
    $ajax_response->append($prompt, "innerHTML", "<iframe id=\"".$form."_upload_target\" name=\"".$form."_upload_target\" width=\"0\" height=\"0\" scrolling=\"no\" frameborder=\"0\" src=\"about:blank\" style=\"display:none;\"></iframe>");
    $ajax_response->assign($form,"action",$action);
    $ajax_response->assign($form,"target",$form."_upload_target");
    $ajax_response->script("document.".$form.".submit();");
    return $ajax_response;
}
$bwajax->register(XAJAX_FUNCTION, "upload_submit");
function channel_if_turn($id, $value, $detail="")
{
    global $LANGUAGE,$LANGLIST,$SETTING,$article_info;
    $ajax_response = new xajaxResponse();
    if (!empty($detail) && !is_array($detail)) {
        $detail = preg_split("/[\s,|]+/", $detail);
    }
    if ( $value == "true"){
        $ajax_response->assign($id, "style.display", 'inline');
        if (is_array($detail) && count($detail)>0) {
            foreach ($detail as $v) {
                $ajax_response->assign($v, "style.display", 'none');
            }
        }
    }else{
        $ajax_response->assign($id, "style.display", 'none');
        if (is_array($detail) && count($detail)>0) {
            foreach ($detail as $v) {
                $ajax_response->assign($v, "style.display", 'inline');
            }
        }
    }
    return $ajax_response;
}
$bwajax->register(XAJAX_FUNCTION, "channel_if_turn");
//////
// cover ajax
function cover_upload_return($state,$type,$search,$form,$input,$input_value,$submit,$list,$prompt,$msg)
{
    global $LANGUAGE,$SETTING,$MEMBER,$ADMIN,$setting_cover;
    $ajax_response = new xajaxResponse();
    $ajax_response->assign($form,"action","javascript:void(null);");
    $ajax_response->assign($form,"target","_self");

    if ($state == "1") {
        $ajax_response->assign($input, "innerHTML", $input_value);
    }

    if ($type == "amend"){
        $channel_id = $search;
        $file_str = "";
        $filelist = func::db_select(DB_TABLE_CHANNEL_COVER, "*", "channel_id=".$channel_id, "", "id DESC");
        $file_value = $filelist['0'];
        if (!empty($file_value)){
            $path   = $SETTING['dir_channel_cover']."/".$file_value['dir'];
            if (!file_exists($path)) { func::make_dir($path); }
            if (!empty($file_value['filename']) && file_exists($path.$file_value['filename'])) {
                list($width, $height, $type, $attr) = getimagesize($path.$file_value['filename']);
                $size = $width > $height ? "width=45" : "height=45";
                $file_str = "<table border=\"0\" cellspacing=\"0\" cellpadding=\"0\"><tr align=\"center\"><td width=\"30%\"><span onclick=\"xajax_cover_del('amend','".$channel_id."','".$file_value['id']."','".$list."','".$prompt."');\" style=\"cursor:pointer;color:#EA7408;\"><img src=\"".$SETTING['dir_images_admin']."/icon_delete.gif\" alt=\"Delete\" /></span></td><td width=\"70%\"><div style=\"border:1px solid #CCCCCC;background-color:#EEEEEE;\"><img src=\"".$path.$file_value['filename']."\" ".$size." border=\"0\" align=\"absmiddle\" /></div></td></tr></table>\n";
            }
        }
        if (empty($file_str)) {
            $file_str = "<table border=\"0\" cellspacing=\"0\" cellpadding=\"0\"><tr align=\"center\"><td width=\"30%\">&nbsp;</td><td width=\"70%\"><div style=\"border:1px solid #CCCCCC;background-color:#EEEEEE;width:45px;height:45px;\"><br />缩略图</div></td></tr></table>\n";
        }
    } else {
        $admin_id = $search;
        $file_str = "";
        $filelist = func::db_select(DB_TABLE_CHANNEL_COVER, "*", "channel_id=0 AND admin_id=".$admin_id, "", "id DESC");
        $file_value = $filelist['0'];
        if (!empty($file_value)){
            $path   = $SETTING['dir_channel_cover']."/".$file_value['dir'];
            if (!file_exists($path)) { func::make_dir($path); }
            if (!empty($file_value['filename']) && file_exists($path.$file_value['filename'])) {
                list($width, $height, $type, $attr) = getimagesize($path.$file_value['filename']);
                $size = $width > $height ? "width=45" : "height=45";
                $file_str = "<table border=\"0\" cellspacing=\"0\" cellpadding=\"0\"><tr align=\"center\"><td width=\"30%\"><span onclick=\"xajax_cover_del('add','".$admin_id."','".$file_value['id']."','".$list."','".$prompt."');\" style=\"cursor:pointer;color:#EA7408;\"><img src=\"".$SETTING['dir_images_admin']."/icon_delete.gif\" alt=\"Delete\" /></span></td><td width=\"70%\"><div style=\"border:1px solid #CCCCCC;background-color:#EEEEEE;\"><img src=\"".$path.$file_value['filename']."\" ".$size." border=\"0\" align=\"absmiddle\" /></div></td></tr></table>\n";
            }
        }
        if (empty($file_str)) {
            $file_str = "<table border=\"0\" cellspacing=\"0\" cellpadding=\"0\"><tr align=\"center\"><td width=\"30%\">&nbsp;</td><td width=\"70%\"><div style=\"border:1px solid #CCCCCC;background-color:#EEEEEE;width:45px;height:45px;\"><br />缩略图</div></td></tr></table>\n";
        }
    }
    $ajax_response->assign($list,"innerHTML",$file_str);

    $ajax_response->assign($prompt, "innerHTML", $msg);
    $ajax_response->assign($submit,"disabled",false);
    return $ajax_response;
}
$bwajax->register(XAJAX_FUNCTION, "cover_upload_return");
function cover_get($type,$search,$file_input,$file,$submit,$list,$prompt)
{
    global $LANGUAGE,$SETTING,$MEMBER,$ADMIN,$setting_cover;
    $ajax_response = new xajaxResponse();

    $ajax_response->assign($prompt, "innerHTML", "<img src=\"".$SETTING['dir_images_admin']."/loading.gif\" border=\"0\" align=\"absmiddle\" />");
    $cover_type = explode(",",$setting_cover['type']);
    if (empty($file)) {
        $ajax_response->assign($prompt, "innerHTML", "<span class=\"prompt_failed\">请输入文件地址</span>");
        $ajax_response->assign($submit,"disabled",false);
    }else{
        preg_match("/([^\/.]*)\.[^\/.]*$/", $file, $name_primal); $name_primal = $name_primal[1];
        preg_match("/[^\/.]*(\.[^\/.]*)$/", $file, $name_extend); $name_extend = $name_extend[1];
        if (empty($name_primal)) {
            $ajax_response->assign($prompt, "innerHTML", "<span class=\"prompt_failed\">获取文件名失败</span>");
            $ajax_response->assign($submit,"disabled",false);
        } elseif (!in_array($name_extend, $cover_type)) {
            $ajax_response->assign($prompt, "innerHTML", "<span class=\"prompt_failed\">文件类型不符合要求<!-- file type error --></span>");
            $ajax_response->assign($submit,"disabled",false);
        } else {

            $result_state = "1";

            if ($type == "amend"){
                $channel_id = $search;
                if (!preg_match("/^[0-9]+$/",$channel_id)){
                    $result_state = "0";
                    $ajax_response->assign($prompt, "innerHTML", "<span class=\"prompt_failed\">非法操作<!-- channel_id error --></span>");
                    $ajax_response->assign($submit,"disabled",false);
                } else {
                    $filelist = func::db_select(DB_TABLE_CHANNEL_COVER, "*", "channel_id=".$channel_id, "", "id DESC");
                    if (count($filelist) > 1){
                        $result = func::db_delete(DB_TABLE_CHANNEL_COVER, "channel_id=".$channel_id." AND id!=".$filelist[0]['id']);
                        if (!$result) {
                            $result_state = "0";
                            $ajax_response->assign($prompt, "innerHTML", "<span class=\"prompt_failed\">删除多余的记录失败<!-- delete excrescent error --></span>");
                            $ajax_response->assign($submit,"disabled",false);
                        }
                    }
                    if ($result_state == "1") {
                        $file_value = $filelist[0];
                        if (!empty($file_value['dir'])){
                            $dir    = $file_value['dir'];
                            $path   = $SETTING['dir_channel_cover']."/".$dir;
                        } else {
                            $dir    = $setting_cover['dir'];
                            $path   = $SETTING['dir_channel_cover']."/".$dir;
                        }
                        if (!file_exists($path)) { func::make_dir($path); }

                        $filename       = "";
                        $file_notexists = false;
                        while($file_notexists === false){
                            $name_base = func::return_lenstr(sha1($name_primal.microtime()),$setting_cover['length']);
                            $filename = $name_base.$name_extend;
                            if(!file_exists($path.$filename)) {
                                $file_notexists = true;
                            }
                        }

                        if (!@copy($file, $path.$filename)) {
                            $result_state = "0";
                            $ajax_response->assign($prompt, "innerHTML", "<span class=\"prompt_failed\">获取内容失败<!-- copy error --></span>");
                            $ajax_response->assign($submit,"disabled",false);
                        } else {
                            if (!empty($file_value['filename'])){
                                if (file_exists($path.$file_value['filename'])) {
                                    @chmod($path.$file_value['filename'], $SETTING['chmod_mode_file']);
                                    @unlink($path.$file_value['filename']);
                                }
                            }
                            $sql_data = array(
                                "dir"       => "'".$dir."'",
                                "filename"  => "'".$filename."'",
                                "channel_id"       => "'".$channel_id."'",
                                "admin_id"       => "'".$ADMIN['mid']."'",
                            );
                            if (count($filelist) > 0) {
                                $result = func::db_update(DB_TABLE_CHANNEL_COVER, $sql_data, "id=".$file_value['id']);
                            } else {
                                $result = func::db_insert(DB_TABLE_CHANNEL_COVER, $sql_data);
                            }
                            if (!$result) {
                                if (file_exists($path.$filename)) {
                                    @chmod($path.$filename, $SETTING['chmod_mode_file']);
                                    @unlink($path.$filename);
                                }
                                $result_state = "0";
                                $ajax_response->assign($prompt, "innerHTML", "<span class=\"prompt_failed\">更新数据库失败<!-- db update error --></span>");
                                $ajax_response->assign($submit,"disabled",false);
                            }
                        }
                    }
                }
            } else {
                $admin_id = $search;
                if (!preg_match("/^[0-9]+$/",$admin_id)){
                    $result_state = "0";
                    $ajax_response->assign($prompt, "innerHTML", "<span class=\"prompt_failed\">非法操作<!-- admin_id error --></span>");
                    $ajax_response->assign($submit,"disabled",false);
                } else {
                    $filelist = func::db_select(DB_TABLE_CHANNEL_COVER, "*", "channel_id=0 AND admin_id=".$admin_id, "", "id DESC");
                    if (count($filelist) > 1){
                        $result = func::db_delete(DB_TABLE_CHANNEL_COVER, "channel_id=0 AND admin_id=".$admin_id." AND id!=".$filelist[0]['id']);
                        if (!$result) {
                            $result_state = "0";
                            $ajax_response->assign($prompt, "innerHTML", "<span class=\"prompt_failed\">删除多余的记录失败<!-- delete excrescent error --></span>");
                            $ajax_response->assign($submit,"disabled",false);
                        }
                    }
                    if ($result_state == "1") {
                        $file_value = $filelist[0];
                        if (!empty($file_value['dir'])){
                            $dir    = $file_value['dir'];
                            $path   = $SETTING['dir_channel_cover']."/".$dir;
                        } else {
                            $dir    = $setting_cover['dir'];
                            $path   = $SETTING['dir_channel_cover']."/".$dir;
                        }
                        if (!file_exists($path)) { func::make_dir($path); }

                        $filename       = "";
                        $file_notexists = false;
                        while($file_notexists === false){
                            $name_base = func::return_lenstr(sha1($name_primal.microtime()),$setting_cover['length']);
                            $filename = $name_base.$name_extend;
                            if(!file_exists($path.$filename)) {
                                $file_notexists = true;
                            }
                        }

                        if (!@copy($file, $path.$filename)) {
                            $result_state = "0";
                            $ajax_response->assign($prompt, "innerHTML", "<span class=\"prompt_failed\">获取内容失败<!-- copy error --></span>");
                            $ajax_response->assign($submit,"disabled",false);
                        } else {
                            if (!empty($file_value['filename'])){
                                if (file_exists($path.$file_value['filename'])) {
                                    @chmod($path.$file_value['filename'], $SETTING['chmod_mode_file']);
                                    @unlink($path.$file_value['filename']);
                                }
                            }
                            $sql_data = array(
                                "dir"       => "'".$dir."'",
                                "filename"  => "'".$filename."'",
                                "channel_id"       => "'0'",
                                "admin_id"       => "'".$ADMIN['mid']."'",
                            );
                            if (count($filelist) > 0) {
                                $result = func::db_update(DB_TABLE_CHANNEL_COVER, $sql_data, "id=".$file_value['id']);
                            } else {
                                $result = func::db_insert(DB_TABLE_CHANNEL_COVER, $sql_data);
                            }
                            if (!$result) {
                                if (file_exists($path.$filename)) {
                                    @chmod($path.$filename, $SETTING['chmod_mode_file']);
                                    @unlink($path.$filename);
                                }
                                $result_state = "0";
                                $ajax_response->assign($prompt, "innerHTML", "<span class=\"prompt_failed\">更新数据库失败<!-- db update error --></span>");
                                $ajax_response->assign($submit,"disabled",false);
                            }
                        }
                    }
                }
            }

            if ($result_state == "1"){
                if ($type == "amend"){
                    $channel_id = $search;
                    $file_str = "";
                    $filelist = func::db_select(DB_TABLE_CHANNEL_COVER, "*", "channel_id=".$channel_id, "", "id DESC");
                    $file_value = $filelist['0'];
                    if (!empty($file_value)){
                        $path   = $SETTING['dir_channel_cover']."/".$file_value['dir'];
                        if (!file_exists($path)) { func::make_dir($path); }
                        if (!empty($file_value['filename']) && file_exists($path.$file_value['filename'])) {
                            list($width, $height, $type, $attr) = getimagesize($path.$file_value['filename']);
                            $size = $width > $height ? "width=45" : "height=45";
                            $file_str = "<table border=\"0\" cellspacing=\"0\" cellpadding=\"0\"><tr align=\"center\"><td width=\"30%\"><span onclick=\"xajax_cover_del('amend','".$channel_id."','".$file_value['id']."','".$list."','".$prompt."');\" style=\"cursor:pointer;color:#EA7408;\"><img src=\"".$SETTING['dir_images_admin']."/icon_delete.gif\" alt=\"Delete\" /></span></td><td width=\"70%\"><div style=\"border:1px solid #CCCCCC;background-color:#EEEEEE;\"><img src=\"".$path.$file_value['filename']."\" ".$size." border=\"0\" align=\"absmiddle\" /></div></td></tr></table>\n";
                        }
                    }
                    if (empty($file_str)) {
                        $file_str = "<table border=\"0\" cellspacing=\"0\" cellpadding=\"0\"><tr align=\"center\"><td width=\"30%\">&nbsp;</td><td width=\"70%\"><div style=\"border:1px solid #CCCCCC;background-color:#EEEEEE;width:45px;height:45px;\"><br />缩略图</div></td></tr></table>\n";
                    }
                } else {
                    $admin_id = $search;
                    $file_str = "";
                    $filelist = func::db_select(DB_TABLE_CHANNEL_COVER, "*", "channel_id=0 AND admin_id=".$admin_id, "", "id DESC");
                    $file_value = $filelist['0'];
                    if (!empty($file_value)){
                        $path   = $SETTING['dir_channel_cover']."/".$file_value['dir'];
                        if (!file_exists($path)) { func::make_dir($path); }
                        if (!empty($file_value['filename']) && file_exists($path.$file_value['filename'])) {
                            list($width, $height, $type, $attr) = getimagesize($path.$file_value['filename']);
                            $size = $width > $height ? "width=45" : "height=45";
                            $file_str = "<table border=\"0\" cellspacing=\"0\" cellpadding=\"0\"><tr align=\"center\"><td width=\"30%\"><span onclick=\"xajax_cover_del('add','".$admin_id."','".$file_value['id']."','".$list."','".$prompt."');\" style=\"cursor:pointer;color:#EA7408;\"><img src=\"".$SETTING['dir_images_admin']."/icon_delete.gif\" alt=\"Delete\" /></span></td><td width=\"70%\"><div style=\"border:1px solid #CCCCCC;background-color:#EEEEEE;\"><img src=\"".$path.$file_value['filename']."\" ".$size." border=\"0\" align=\"absmiddle\" /></div></td></tr></table>\n";
                        }
                    }
                    if (empty($file_str)) {
                        $file_str = "<table border=\"0\" cellspacing=\"0\" cellpadding=\"0\"><tr align=\"center\"><td width=\"30%\">&nbsp;</td><td width=\"70%\"><div style=\"border:1px solid #CCCCCC;background-color:#EEEEEE;width:45px;height:45px;\"><br />缩略图</div></td></tr></table>\n";
                    }
                }
                $ajax_response->assign($list,"innerHTML",$file_str);
                $ajax_response->assign($file_input, "value", "");
                $ajax_response->assign($prompt, "innerHTML", "<span class=\"prompt_succeed\">文件获取成功<!-- get file succeed --></span>");
            }

            $ajax_response->assign($submit,"disabled",false);
        }
    }
    return $ajax_response;
}
$bwajax->register(XAJAX_FUNCTION, "cover_get");
function cover_del($type,$search,$del,$list,$prompt)
{
    global $LANGUAGE,$SETTING,$MEMBER,$ADMIN,$setting_cover;
    $ajax_response = new xajaxResponse();

    $ajax_response->assign($prompt, "innerHTML", "");

    $result_state = "1";

    if ($type == "amend"){
        $channel_id = $search;
        if (!preg_match("/^[0-9]+$/",$channel_id)){
            $result_state = "0";
            $ajax_response->assign($prompt, "innerHTML", "<span class=\"prompt_failed\">非法操作<!-- channel_id error --></span>");
            $ajax_response->assign($submit,"disabled",false);
        } else {
            if (!preg_match("/^[0-9]+$/",$del)){
                $result_state = "0";
                $ajax_response->assign($prompt, "innerHTML", "<span class=\"prompt_failed\">非法操作<!-- del error --></span>");
                $ajax_response->assign($submit,"disabled",false);
            } else {
                $filelist = func::db_select(DB_TABLE_CHANNEL_COVER, "*", "id=".$del, "", "id DESC");
                $file_value = $filelist[0];
                if (!empty($file_value['dir'])){
                    $dir    = $file_value['dir'];
                    $path   = $SETTING['dir_channel_cover']."/".$dir;
                    if (!empty($file_value['filename'])){
                        if (file_exists($path.$file_value['filename'])) {
                            @chmod($path.$file_value['filename'], $SETTING['chmod_mode_file']);
                            @unlink($path.$file_value['filename']);
                        }
                    }
                }
                $sql_data = array(
                    "filename" => "''",
                );
                if (count($filelist) > 0) {
                    $result = func::db_update(DB_TABLE_CHANNEL_COVER, $sql_data, "id=".$file_value['id']);
                }
                if (!$result) {
                    $result_state = "0";
                    $ajax_response->assign($prompt, "innerHTML", "<span class=\"prompt_failed\">更新数据库失败<!-- db update error --></span>");
                    $ajax_response->assign($submit,"disabled",false);
                }

            }
        }
    } else {
        $admin_id = $search;
        if (!preg_match("/^[0-9]+$/",$admin_id)){
            $result_state = "0";
            $ajax_response->assign($prompt, "innerHTML", "<span class=\"prompt_failed\">非法操作<!-- admin_id error --></span>");
            $ajax_response->assign($submit,"disabled",false);
        } else {
            if (!preg_match("/^[0-9]+$/",$del)){
                $result_state = "0";
                $ajax_response->assign($prompt, "innerHTML", "<span class=\"prompt_failed\">非法操作<!-- del error --></span>");
                $ajax_response->assign($submit,"disabled",false);
            } else {
                $filelist = func::db_select(DB_TABLE_CHANNEL_COVER, "*", "id=".$del, "", "id DESC");
                $file_value = $filelist[0];
                if (!empty($file_value['dir'])){
                    $dir    = $file_value['dir'];
                    $path   = $SETTING['dir_channel_cover']."/".$dir;
                    if (!empty($file_value['filename'])){
                        if (file_exists($path.$file_value['filename'])) {
                            @chmod($path.$file_value['filename'], $SETTING['chmod_mode_file']);
                            @unlink($path.$file_value['filename']);
                        }
                    }
                }
                $sql_data = array(
                    "filename" => "''",
                );
                if (count($filelist) > 0) {
                    $result = func::db_update(DB_TABLE_CHANNEL_COVER, $sql_data, "id=".$file_value['id']);
                }
                if (!$result) {
                    $result_state = "0";
                    $ajax_response->assign($prompt, "innerHTML", "<span class=\"prompt_failed\">更新数据库失败<!-- db update error --></span>");
                    $ajax_response->assign($submit,"disabled",false);
                }

            }
        }
    }

    if ($result_state == "1"){
        if ($type == "amend"){
            $channel_id = $search;
            $file_str = "";
            $filelist = func::db_select(DB_TABLE_CHANNEL_COVER, "*", "channel_id=".$channel_id, "", "id DESC");
            $file_value = $filelist['0'];
            if (!empty($file_value)){
                $path   = $SETTING['dir_channel_cover']."/".$file_value['dir'];
                if (!file_exists($path)) { func::make_dir($path); }
                if (!empty($file_value['filename']) && file_exists($path.$file_value['filename'])) {
                    list($width, $height, $type, $attr) = getimagesize($path.$file_value['filename']);
                    $size = $width > $height ? "width=45" : "height=45";
                    $file_str = "<table border=\"0\" cellspacing=\"0\" cellpadding=\"0\"><tr align=\"center\"><td width=\"30%\"><span onclick=\"xajax_cover_del('amend','".$channel_id."','".$file_value['id']."','".$list."','".$prompt."');\" style=\"cursor:pointer;color:#EA7408;\"><img src=\"".$SETTING['dir_images_admin']."/icon_delete.gif\" alt=\"Delete\" /></span></td><td width=\"70%\"><div style=\"border:1px solid #CCCCCC;background-color:#EEEEEE;\"><img src=\"".$path.$file_value['filename']."\" ".$size." border=\"0\" align=\"absmiddle\" /></div></td></tr></table>\n";
                }
            }
            if (empty($file_str)) {
                $file_str = "<table border=\"0\" cellspacing=\"0\" cellpadding=\"0\"><tr align=\"center\"><td width=\"30%\">&nbsp;</td><td width=\"70%\"><div style=\"border:1px solid #CCCCCC;background-color:#EEEEEE;width:45px;height:45px;\"><br />缩略图</div></td></tr></table>\n";
            }
        } else {
            $admin_id = $search;
            $file_str = "";
            $filelist = func::db_select(DB_TABLE_CHANNEL_COVER, "*", "channel_id=0 AND admin_id=".$admin_id, "", "id DESC");
            $file_value = $filelist['0'];
            if (!empty($file_value)){
                $path   = $SETTING['dir_channel_cover']."/".$file_value['dir'];
                if (!file_exists($path)) { func::make_dir($path); }
                if (!empty($file_value['filename']) && file_exists($path.$file_value['filename'])) {
                    list($width, $height, $type, $attr) = getimagesize($path.$file_value['filename']);
                    $size = $width > $height ? "width=45" : "height=45";
                    $file_str = "<table border=\"0\" cellspacing=\"0\" cellpadding=\"0\"><tr align=\"center\"><td width=\"30%\"><span onclick=\"xajax_cover_del('add','".$admin_id."','".$file_value['id']."','".$list."','".$prompt."');\" style=\"cursor:pointer;color:#EA7408;\"><img src=\"".$SETTING['dir_images_admin']."/icon_delete.gif\" alt=\"Delete\" /></span></td><td width=\"70%\"><div style=\"border:1px solid #CCCCCC;background-color:#EEEEEE;\"><img src=\"".$path.$file_value['filename']."\" ".$size." border=\"0\" align=\"absmiddle\" /></div></td></tr></table>\n";
                }
            }
            if (empty($file_str)) {
                $file_str = "<table border=\"0\" cellspacing=\"0\" cellpadding=\"0\"><tr align=\"center\"><td width=\"30%\">&nbsp;</td><td width=\"70%\"><div style=\"border:1px solid #CCCCCC;background-color:#EEEEEE;width:45px;height:45px;\"><br />缩略图</div></td></tr></table>\n";
            }
        }
        $ajax_response->assign($list, "innerHTML", $file_str);
    }

    return $ajax_response;
}
$bwajax->register(XAJAX_FUNCTION, "cover_del");
//////
// form post ajax
function submit_form($type, $value, $submit)
{
    global $LANGUAGE,$SETTING,$CONFIGURE,$MEMBER,$ADMIN,$db,$sys,$c,$setting_cover,$setting_attach;
    $ajax_response = new xajaxResponse();
    $error = false;
    //$ajax_response->alert(print_r($value['trans_group'], true)); $ajax_response->assign($submit,"disabled",false); return $ajax_response;

    if ($type == "amend") {
        $submit_value   = "编辑";
        $iderror        = "类别错误";
    } else {
        $submit_value   = "添加";
        $iderror        = "所属类别错误";
    }

    $channel_info  = $sys->return_channel_info($sys->get['channel_id']);

    if (!preg_match("/^[0-9]+$/",$sys->get['channel_id'])){
        $ajax_response->alert($iderror."!<!-- channel_id error -->");
        $ajax_response->assign($submit,"value",$submit_value);
        $ajax_response->assign($submit,"disabled",false);
    } elseif ( $ADMIN['ag_privilege']['channel'] != "1" && ($ADMIN['ag_privilege']['channel'] != "3" || $channel_info['channel_manage_admin_id'] == "") ) {
        $ajax_response->alert($iderror."!<!-- privilege not allow -->");
        $ajax_response->assign($submit,"value",$submit_value);
        $ajax_response->assign($submit,"disabled",false);
    } else {

        if(!preg_match("/^[12]{1}$/i",$value['type'])){
            $error = true;
            if(empty($anchor)) { $anchor = "type"; }
            $ajax_response->assign("type_return", "innerHTML", "<span class=\"prompt_failed\">必须选择分区<!-- type error --></span>");
        } else {
            $ajax_response->assign("type_return", "innerHTML", "");
        }

        if( empty($value['name']) ) {
            $error = true;
            if(empty($anchor)) { $anchor = "name"; }
            $ajax_response->assign("name_return", "innerHTML", "<span class=\"prompt_failed\">必须填写名称<!-- name error --></span>");
        } else {
            $ajax_response->assign("name_return", "innerHTML", "");
        }

        if (!preg_match("/^[a-z0-9_]*$/i",$value['password'])){
            $error = true;
            if(empty($anchor)) { $anchor = "password"; }
            $ajax_response->assign("password_return", "innerHTML", "<span class=\"prompt_failed\">访问密码只能为英文,数字和下划线!<!-- password error --></span>");
        } else {
            $ajax_response->assign("password_return", "innerHTML", "");
        }

        if ( mb_strwidth($value['keyword'],"UTF-8") > 255) {
            $error = true;
            if(empty($anchor)) { $anchor = "keyword"; }
            $ajax_response->assign("keyword_return", "innerHTML", "<span class=\"prompt_failed\">关键字必须在255字节以内,请重新输入.<!-- keyword error --></span>");
        } else {
            $ajax_response->assign("keyword_return", "innerHTML", "");
        }

        if (!preg_match("/^[a-z0-9_.\/]*$/i",$value['template_channel'])
            || preg_match("/^\//i",$value['template_channel'])
            || preg_match("/\.\./i",$value['template_channel'])){
            $error = true;
            if(empty($anchor)) { $anchor = "template_channel"; }
            $ajax_response->assign("template_channel_return", "innerHTML", "<span class=\"prompt_failed\">版块模板包含非法字符<!-- template_channel error --></span>");
        } else {
            $ajax_response->assign("template_channel_return", "innerHTML", "");
        }

        if (!preg_match("/^[a-z0-9_.\/]*$/i",$value['template_topic'])
            || preg_match("/^\//i",$value['template_topic'])
            || preg_match("/\.\./i",$value['template_topic'])){
            $error = true;
            if(empty($anchor)) { $anchor = "template_topic"; }
            $ajax_response->assign("template_topic_return", "innerHTML", "<span class=\"prompt_failed\">帖子模板包含非法字符<!-- template_topic error --></span>");
        } else {
            $ajax_response->assign("template_topic_return", "innerHTML", "");
        }

        if(!preg_match("/^[0-9]{1,11}$/",$value['page_record'])) {
            $error = true;
            if(empty($anchor)) { $anchor = "page_record"; }
            $ajax_response->assign("page_record_return", "innerHTML", "<span class=\"prompt_failed\">每页记录不能为空且必须为数字<!-- page_record error --></span>");
        } else {
            $ajax_response->assign("page_record_return", "innerHTML", "");
        }

        if(!preg_match("/^[0-9]+$/",$value['rank'])) {
            $error = true;
            if(empty($anchor)) { $anchor = "rank"; }
            $ajax_response->assign("rank_return", "innerHTML", "<span class=\"prompt_failed\">每页记录不能为空且必须为数字<!-- rank error --></span>");
        } else {
            $ajax_response->assign("rank_return", "innerHTML", "");
        }

        if(!preg_match("/^[123]{1}$/i",$value['if_enable'])){
            $error = true;
            if(empty($anchor)) { $anchor = "if_enable"; }
            $ajax_response->assign("if_enable_return", "innerHTML", "<span class=\"prompt_failed\">必须选择是否开启此版块<!-- if_enable error --></span>");
        } else {
            $ajax_response->assign("if_enable_return", "innerHTML", "");
        }

        if(!preg_match("/^[123]{1}$/i",$value['if_lock'])){
            $error = true;
            if(empty($anchor)) { $anchor = "if_lock"; }
            $ajax_response->assign("if_lock_return", "innerHTML", "<span class=\"prompt_failed\">必须选择是否开启此版块<!-- if_lock error --></span>");
        } else {
            $ajax_response->assign("if_lock_return", "innerHTML", "");
        }

        if(!preg_match("/^[123]{1}$/i",$value['if_show'])){
            $error = true;
            if(empty($anchor)) { $anchor = "if_show"; }
            $ajax_response->assign("if_show_return", "innerHTML", "<span class=\"prompt_failed\">必须选择是否显示此版块<!-- if_show error --></span>");
        } else {
            $ajax_response->assign("if_show_return", "innerHTML", "");
        }

        if(!preg_match("/^[123]{1}$/i",$value['if_recommend'])){
            $error = true;
            if(empty($anchor)) { $anchor = "if_recommend"; }
            $ajax_response->assign("if_recommend_return", "innerHTML", "<span class=\"prompt_failed\">必须选择是否开启推荐<!-- if_recommend error --></span>");
        } else {
            $ajax_response->assign("if_recommend_return", "innerHTML", "");
        }

        if(!preg_match("/^[123]{1}$/i",$value['if_add'])){
            $error = true;
            if(empty($anchor)) { $anchor = "if_add"; }
            $ajax_response->assign("if_add_return", "innerHTML", "<span class=\"prompt_failed\">必须选择是否开启此版块发帖<!-- if_add error --></span>");
        } else {
            $ajax_response->assign("if_add_return", "innerHTML", "");
        }

        if(!preg_match("/^[123]{1}$/i",$value['if_guest'])){
            $error = true;
            if(empty($anchor)) { $anchor = "if_guest"; }
            $ajax_response->assign("if_guest_return", "innerHTML", "<span class=\"prompt_failed\">必须选择是否开启游客发帖<!-- if_guest error --></span>");
        } else {
            $ajax_response->assign("if_guest_return", "innerHTML", "");
        }

        if(!preg_match("/^[123]{1}$/i",$value['if_anonymous'])){
            $error = true;
            if(empty($anchor)) { $anchor = "if_anonymous"; }
            $ajax_response->assign("if_anonymous_return", "innerHTML", "<span class=\"prompt_failed\">必须选择是否开启匿名发帖<!-- if_anonymous error --></span>");
        } else {
            $ajax_response->assign("if_anonymous_return", "innerHTML", "");
        }

        if( $value['if_turn'] == "1" ) {
            if( !preg_match("/^1|2$/i", $value['if_turn_type']) ) {
                $error = true;
                if(empty($anchor)) { $anchor = "if_turn_detail"; }
                $ajax_response->assign("if_turn_detail_return", "innerHTML", "<span class=\"prompt_failed\">转向类型发生错误!<!-- if_turn_type error --></span>");
            } elseif( empty($value['if_turn_url']) ) {
                $error = true;
                if(empty($anchor)) { $anchor = "if_turn_detail"; }
                $ajax_response->assign("if_turn_detail_return", "innerHTML", "<span class=\"prompt_failed\">转向地址必须填写<!-- if_turn_url error --></span>");
            } else {
                $ajax_response->assign("if_turn_detail_return", "innerHTML", "");
            }
        }

        if($error){
            $ajax_response->assign($submit,"value",$submit_value);
            $ajax_response->assign($submit,"disabled",false);
            $ajax_response->redirect("#".$anchor);
        }else{

            if ($type == "amend") {

                // Sort amend
                $sql = "UPDATE ".DB_TABLE_CHANNEL." SET
                            type                    = '".addslashes($value['type'])."',
                            name                    = '".addslashes(func::str_stripbr($value['name']))."',
                            password                = '".addslashes($value['password'])."',
                            brief                   = '".addslashes($value['brief'])."',
                            notice                  = '".addslashes($value['notice'])."',
                            keyword                 = '".addslashes(implode(",", preg_split("/[\s,]+/", $value['keyword'])))."',
                            template_channel        = '".addslashes($value['template_channel'])."',
                            template_topic          = '".addslashes($value['template_topic'])."',
                            page_record             = '".addslashes($value['page_record'])."',
                            if_enable               = '".addslashes($value['if_enable'])."',
                            if_lock                 = '".addslashes($value['if_lock'])."',
                            if_show                 = '".addslashes($value['if_show'])."',
                            if_recommend            = '".addslashes($value['if_recommend'])."',
                            if_add                  = '".addslashes($value['if_add'])."',
                            if_guest                = '".addslashes($value['if_guest'])."',
                            if_anonymous            = '".addslashes($value['if_anonymous'])."',
                            if_splitword            = '".addslashes($value['if_splitword'])."',
                            if_face                 = '".addslashes($value['if_face'])."',
                            if_bbcode               = '".addslashes($value['if_bbcode'])."',
                            if_url                  = '".addslashes($value['if_url'])."',
                            if_html                 = '".addslashes($value['if_html'])."',
                            if_turn                 = '".addslashes((int)$value['if_turn'])."',
                            if_turn_type            ='".addslashes((int)$value['if_turn_type'])."',
                            if_turn_url             = '".addslashes($value['if_turn_url'])."',
                            rank                    = '".addslashes($value['rank'])."'
                        WHERE id=".$sys->get['channel_id']."";
                $result = $db->Execute($sql);
                if (!$result) {
                    $ajax_response->alert($db->ErrorMsg());
                    $ajax_response->assign($submit,"value",$submit_value);
                    $ajax_response->assign($submit,"disabled",false);
                }else{

                    // detail value
                    foreach ($value['trans_group'] as $k => $v) {
                        if ($v['check'] == "1") {
                            $v['if_must']   = $v['if_must'] == "1" ? "1" : "2";
                            $v['rank']      = preg_match("/^[0-9]{1,11}$/",$v['rank']) ? $v['rank'] : "0";
                            $channel_trans_group = func::db_select(DB_TABLE_CHANNEL_TRANS_GROUP, "channel_id", "channel_id=".$sys->get['channel_id']." AND trans_group_id=".$k."");
                            $sql_data_update = array(
                                "if_must"   => "'".$v['if_must']."'",
                                "rank"      => "'".$v['rank']."'",
                            );
                            $sql_data_insert = array(
                                "channel_id"        => "'".$sys->get['channel_id']."'",
                                "trans_group_id"    => "'".$k."'",
                                "if_must"           => "'".$v['if_must']."'",
                                "rank"              => "'".$v['rank']."'",
                            );
                            if (count($channel_trans_group) > 0) {
                                $result = func::db_update(DB_TABLE_CHANNEL_TRANS_GROUP, $sql_data_update, "channel_id=".$sys->get['channel_id']." AND trans_group_id=".$k);
                            } else {
                                $result = func::db_insert(DB_TABLE_CHANNEL_TRANS_GROUP, $sql_data_insert);
                            }
                        }
                    }

                    // upper_id
                    $sql = "SELECT upper_id FROM ".DB_TABLE_CHANNEL." WHERE id=".$sys->get['channel_id']."";
                    $result = &$db->Execute($sql);
                    if (!$result) {
                        $ajax_response->alert($db->ErrorMsg());
                    } else {
                        if (!$result->EOF) {
                            $upper_id = $result->fields['upper_id'];
                        }
                    }

                    $ajax_response->redirect($CONFIGURE['common']['control_admin']."?act=channel&channel_id=".$upper_id."&pag=".$sys->get['pag']);
                }

            } else {

                $sql = "INSERT INTO ".DB_TABLE_CHANNEL." SET
                            type                    = '".addslashes($value['type'])."',
                            upper_id                = '".addslashes($sys->get['channel_id'])."',
                            name                    = '".addslashes(func::str_stripbr($value['name']))."',
                            password                = '".addslashes($value['password'])."',
                            brief                   = '".addslashes($value['brief'])."',
                            notice                  = '".addslashes($value['notice'])."',
                            keyword                 = '".addslashes(implode(",", preg_split("/[\s,]+/", $value['keyword'])))."',
                            template_channel        = '".addslashes($value['template_channel'])."',
                            template_topic          = '".addslashes($value['template_topic'])."',
                            page_record             = '".addslashes($value['page_record'])."',
                            if_enable               = '".addslashes($value['if_enable'])."',
                            if_lock                 = '".addslashes($value['if_lock'])."',
                            if_show                 = '".addslashes($value['if_show'])."',
                            if_recommend            = '".addslashes($value['if_recommend'])."',
                            if_add                  = '".addslashes($value['if_add'])."',
                            if_guest                = '".addslashes($value['if_guest'])."',
                            if_anonymous            = '".addslashes($value['if_anonymous'])."',
                            if_splitword            = '".addslashes($value['if_splitword'])."',
                            if_face                 = '".addslashes($value['if_face'])."',
                            if_bbcode               = '".addslashes($value['if_bbcode'])."',
                            if_url                  = '".addslashes($value['if_url'])."',
                            if_html                 = '".addslashes($value['if_html'])."',
                            if_turn                 = '".addslashes((int)$value['if_turn'])."',
                            if_turn_type            ='".addslashes((int)$value['if_turn_type'])."',
                            if_turn_url             = '".addslashes($value['if_turn_url'])."',
                            rank                    = '".addslashes($value['rank'])."'";
                $result = &$db->Execute($sql);
                $last_record = $db->Insert_ID();
                //////
                if (!$result) {
                    $ajax_response->alert($db->ErrorMsg());
                    $ajax_response->assign($submit,"value",$submit_value);
                    $ajax_response->assign($submit,"disabled",false);
                }else{

                    // detail value
                    foreach ($value['trans_group'] as $k => $v) {
                        if ($v['check'] == "1") {
                            $v['if_must']   = $v['if_must'] == "1" ? "1" : "2";
                            $v['rank']      = preg_match("/^[0-9]{1,11}$/",$v['rank']) ? $v['rank'] : "0";
                            $channel_trans_group = func::db_select(DB_TABLE_CHANNEL_TRANS_GROUP, "channel_id", "channel_id=".$last_record." AND trans_group_id=".$k."");
                            $sql_data_update = array(
                                "if_must"   => "'".$v['if_must']."'",
                                "rank"      => "'".$v['rank']."'",
                            );
                            $sql_data_insert = array(
                                "channel_id"        => "'".$last_record."'",
                                "trans_group_id"    => "'".$k."'",
                                "if_must"           => "'".$v['if_must']."'",
                                "rank"              => "'".$v['rank']."'",
                            );
                            if (count($channel_trans_group) > 0) {
                                $result = func::db_update(DB_TABLE_CHANNEL_TRANS_GROUP, $sql_data_update, "channel_id=".$last_record." AND trans_group_id=".$k);
                            } else {
                                $result = func::db_insert(DB_TABLE_CHANNEL_TRANS_GROUP, $sql_data_insert);
                            }
                        }
                    }

                    // path update
                    $upper_id = $last_record;
                    $path     = array();
                    $if_end   = false;
                    while($if_end === false){
                        $sql = "SELECT id,upper_id FROM ".DB_TABLE_CHANNEL." WHERE id=".$upper_id."";
                        $result = &$db->Execute($sql);
                        if (!$result) {
                            $ajax_response->alert($db->ErrorMsg());
                            $if_end = true;
                        } else {
                            if (!$result->EOF) {
                                $path[]   = $result->fields['id'];
                                $upper_id = $result->fields['upper_id'];
                            }else{
                                $if_end = true;
                            }
                        }
                    }
                    krsort($path);
                    $sql_data = array(
                        "path" => "'".addslashes(implode(",", $path))."'",
                    );
                    $result = func::db_update(DB_TABLE_CHANNEL, $sql_data, "id= '".$last_record."'");
                    if (!$result) {
                        $ajax_response->alert("类别路径更新失败!");
                    }

                    // cover update
                    $sql_data = array(
                        "channel_id" => "'".$last_record."'",
                    );
                    $result = func::db_update(DB_TABLE_CHANNEL_COVER, $sql_data, "channel_id=0 AND admin_id= '".$ADMIN['mid']."'");
                    if (!$result) {
                        $ajax_response->alert("封面数据库更新失败!");
                    }
                    
                    $ajax_response->redirect($CONFIGURE['common']['control_admin']."?act=channel&channel_id=".$sys->get['channel_id']."&pag=".$sys->get['pag']);
                }
            }
        }
    }

    return $ajax_response;
}
$bwajax->register(XAJAX_FUNCTION, "submit_form");
//////

if($sys->get['ope'] == "add"){

    if (!preg_match("/^[1-9][0-9]*|0$/",$sys->get['channel_id'])) {
        $sys->prompt("failed","非法操作!<!-- channel_id error -->");
    }else{
        
        $if_privilege = false;
        if (preg_match("/^0$/",$sys->get['channel_id'])) {
            if ( $ADMIN['ag_privilege']['channel'] != "1" ) {
                $sys->prompt("failed","您没有权限进行此操作!<!-- privilege not allow -->");
            } else {
                $if_privilege = true;
            }
        } elseif (preg_match("/^[1-9][0-9]*$/",$sys->get['channel_id'])) {
            $channel_info  = $sys->return_channel_info($sys->get['channel_id']);
            if (!preg_match("/^[1-9][0-9]*$/",$channel_info['id'])) {
                $sys->prompt("failed","非法操作!<!-- channel_id error -->");
            } elseif ( $ADMIN['ag_privilege']['channel'] != "1" && ($ADMIN['ag_privilege']['channel'] != "3" || $channel_info['channel_manage_admin_id'] == "") ) {
                $sys->prompt("failed","您没有权限进行此操作!<!-- privilege not allow -->");
            } else {
                $if_privilege = true;
            }
        }
        if (!$if_privilege) {
            $sys->prompt("failed","您没有权限进行此操作!<!-- if_privilege -->");
        } else {
            $prompt = "cover_upload_prompt";
            $list   = "cover_str";
            $thumb  = "";
            $filelist = func::db_select(DB_TABLE_CHANNEL_COVER, "*", "channel_id=0 AND admin_id=".$ADMIN['mid'], "", "id DESC");
            $file_value = $filelist['0'];
            if (!empty($file_value)){
                $path   = $SETTING['dir_channel_cover']."/".$file_value['dir'];
                if (!file_exists($path)) { func::make_dir($path); }
                if (!empty($file_value['filename']) && file_exists($path.$file_value['filename'])) {
                    list($width, $height, $type, $attr) = getimagesize($path.$file_value['filename']);
                    $size = $width > $height ? "width=45" : "height=45";
                    $thumb = "<table border=\"0\" cellspacing=\"0\" cellpadding=\"0\"><tr align=\"center\"><td width=\"30%\"><span onclick=\"xajax_cover_del('add','".$ADMIN['mid']."','".$file_value['id']."','".$list."','".$prompt."');\" style=\"cursor:pointer;color:#EA7408;\"><img src=\"".$SETTING['dir_images_admin']."/icon_delete.gif\" alt=\"Delete\" /></span></td><td width=\"70%\"><div style=\"border:1px solid #CCCCCC;background-color:#EEEEEE;\"><img src=\"".$path.$file_value['filename']."\" ".$size." border=\"0\" align=\"absmiddle\" /></div></td></tr></table>\n";
                }
            }
            if (empty($thumb)) {
                $thumb = "<table border=\"0\" cellspacing=\"0\" cellpadding=\"0\"><tr align=\"center\"><td width=\"30%\">&nbsp;</td><td width=\"70%\"><div style=\"border:1px solid #CCCCCC;background-color:#EEEEEE;width:45px;height:45px;\"><br />缩略图</div></td></tr></table>\n";
            }

            $trans_group    = $sys->return_trans_group();

            $t->assign(array(
                $list                   => $thumb,
                "trans_group"           => $trans_group,
                "setting_cover"         => $setting_cover,
            ));
        }
    }

}elseif($sys->get['ope'] == "amend"){
 
    if (!preg_match("/^[1-9][0-9]*$/",$sys->get['channel_id'])) {
        $sys->prompt("failed","非法操作!<!-- channel_id error -->");
    }else{

        $channel_info  = $sys->return_channel_info($sys->get['channel_id']);
        if (!preg_match("/^[1-9][0-9]*$/",$channel_info['id'])) {
            $sys->prompt("failed","非法操作!<!-- channel_id error -->");
        } elseif ( $ADMIN['ag_privilege']['channel'] != "1" && ($ADMIN['ag_privilege']['channel'] != "3" || $channel_info['channel_manage_admin_id'] == "") ) {
            $sys->prompt("failed","您没有权限进行此操作!<!-- privilege not allow -->");
        } else {

            $prompt = "cover_upload_prompt";
            $list   = "cover_str";
            $thumb  = "";
            $filelist = func::db_select(DB_TABLE_CHANNEL_COVER, "*", "channel_id=".$sys->get['channel_id'], "", "id DESC");
            $file_value = $filelist['0'];
            if (!empty($file_value)){
                $path   = $SETTING['dir_channel_cover']."/".$file_value['dir'];
                if (!file_exists($path)) { func::make_dir($path); }
                if (!empty($file_value['filename']) && file_exists($path.$file_value['filename'])) {
                    list($width, $height, $type, $attr) = getimagesize($path.$file_value['filename']);
                    $size = $width > $height ? "width=45" : "height=45";
                    $thumb = "<table border=\"0\" cellspacing=\"0\" cellpadding=\"0\"><tr align=\"center\"><td width=\"30%\"><span onclick=\"xajax_cover_del('amend','".$sys->get['channel_id']."','".$file_value['id']."','".$list."','".$prompt."');\" style=\"cursor:pointer;color:#EA7408;\"><img src=\"".$SETTING['dir_images_admin']."/icon_delete.gif\" alt=\"Delete\" /></span></td><td width=\"70%\"><div style=\"border:1px solid #CCCCCC;background-color:#EEEEEE;\"><img src=\"".$path.$file_value['filename']."\" ".$size." border=\"0\" align=\"absmiddle\" /></div></td></tr></table>\n";
                }
            }
            if (empty($thumb)) {
                $thumb = "<table border=\"0\" cellspacing=\"0\" cellpadding=\"0\"><tr align=\"center\"><td width=\"30%\">&nbsp;</td><td width=\"70%\"><div style=\"border:1px solid #CCCCCC;background-color:#EEEEEE;width:45px;height:45px;\"><br />缩略图</div></td></tr></table>\n";
            }

            $sql = "SELECT channel_manage.*, 
                        member.username as username,
                        s.value as color_value,s.name as color_name
                    FROM ".DB_TABLE_CHANNEL_MANAGE." channel_manage
                        LEFT JOIN ".DB_TABLE_MEMBER." member ON member.id=channel_manage.admin_id
                        LEFT JOIN ".DB_TABLE_SELECT." s ON s.id=channel_manage.color
                    WHERE channel_id=".$sys->get['channel_id']."
                    ORDER BY channel_manage.rank, channel_manage.admin_id";
            $result = &$db->Execute($sql);
            if (!$result) {
                echo $db->ErrorMsg();
            }else {
                while(!$result->EOF){
                    $channel_manage_list[] = array(
                        "channel_id"    => $result->fields['channel_id'],
                        "mid"           => $result->fields['mid'],
                        "color"         => $result->fields['color'],
                        "bold"          => $result->fields['bold'],
                        "rank"          => $result->fields['rank'],
                        "time_created"  => $result->fields['time_created'],

                        "username"      => $result->fields['username'],

                        'color_value'   => $result->fields['color_value'],
                        'color_name'    => $result->fields['color_name'],
                    );
                    $result->MoveNext();
                }
            }

            $trans_group    = $sys->return_trans_group();
            $trans_list     = $sys->return_trans_list($sys->get['channel_id']);
            $t->assign(array(
                $list                   => $thumb,
                "trans_group"           => $trans_group,
                "trans_list"            => $trans_list,
                "channel_info"          => $channel_info,
                "channel_manage_list"   => $channel_manage_list,
                "setting_cover"         => $setting_cover,
            ));
        }
    }

}elseif($sys->get['ope'] == "savecover_upload"){
    $bwupload->lang_msg = array(
        '0'             => $LANGUAGE['s']['_public']['lib_class_bwupload_class']['0'],
        '1'             => $LANGUAGE['s']['_public']['lib_class_bwupload_class']['1'],
        '2'             => $LANGUAGE['s']['_public']['lib_class_bwupload_class']['2'],
        '3'             => $LANGUAGE['s']['_public']['lib_class_bwupload_class']['3'],
        '4'             => $LANGUAGE['s']['_public']['lib_class_bwupload_class']['4'],
        '6'             => $LANGUAGE['s']['_public']['lib_class_bwupload_class']['6'],
        '7'             => $LANGUAGE['s']['_public']['lib_class_bwupload_class']['7'],
        '8'             => $LANGUAGE['s']['_public']['lib_class_bwupload_class']['8'],
        'invalid'       => $LANGUAGE['s']['_public']['lib_class_bwupload_class']['invalid'],
        'error_size'    => $LANGUAGE['s']['_public']['lib_class_bwupload_class']['error_size'],
        'error_type'    => $LANGUAGE['s']['_public']['lib_class_bwupload_class']['error_type'],
        'upload_failed' => $LANGUAGE['s']['_public']['lib_class_bwupload_class']['upload_failed'],
        'error_empty'   => $LANGUAGE['s']['_public']['lib_class_bwupload_class']['error_empty'],
    );
    $bwupload->set_size($setting_cover['size']);
    $bwupload->set_type($setting_cover['type']);

    $result_state   = "1";
    $error_msg      = "";

    if ($sys->get['type'] == "amend"){

        $channel_id = $sys->get['channel_id'];
        if (!preg_match("/^[0-9]+$/",$channel_id)){
            $result_state = "0";
            $error_msg = "非法操作<!-- channel_id error -->";
        } else {
            $filelist = func::db_select(DB_TABLE_CHANNEL_COVER, "*", "channel_id=".$channel_id, "", "id DESC");
            if (count($filelist) > 1){
                $result = func::db_delete(DB_TABLE_CHANNEL_COVER, "channel_id=".$channel_id." AND id!=".$filelist[0]['id']);
                if (!$result) {
                    $result_state = "0";
                    $error_msg = "删除多余的记录失败<!-- delete excrescent error -->";
                }
            }
            if ($result_state == "1") {
                $file_value = $filelist[0];
                if (!empty($file_value['dir'])){
                    $dir    = $file_value['dir'];
                    $path   = $SETTING['dir_channel_cover']."/".$dir;
                } else {
                    $dir    = $setting_cover['dir'];
                    $path   = $SETTING['dir_channel_cover']."/".$dir;
                }
                if (!file_exists($path)) { func::make_dir($path); }

                if( !$bwupload->upload_file($path,"cover_upload") ){
                    $result_state = "0";
                    $error_msg = $bwupload->error_msg."<!-- upload error -->";
                }else{
                    $result_state = $bwupload->proceed['cover_upload']['succeed'];
                    $error_msg = $bwupload->proceed['cover_upload']['error']."<!-- upload error message -->";
                    if ($result_state == "1") {
                        if (!empty($file_value['filename'])){
                            if (file_exists($path.$file_value['filename'])) {
                                @chmod($path.$file_value['filename'], $SETTING['chmod_mode_file']);
                                @unlink($path.$file_value['filename']);
                            }
                        }
                        $sql_data = array(
                            "dir"       => "'".$dir."'",
                            "filename"  => "'".$bwupload->proceed['cover_upload']['result_name']."'",
                            "channel_id"   => "'".$channel_id."'",
                            "admin_id"  => "'".$ADMIN['mid']."'",
                        );
                        if (count($filelist) > 0) {
                            $result = func::db_update(DB_TABLE_CHANNEL_COVER, $sql_data, "id=".$file_value['id']);
                        } else {
                            $result = func::db_insert(DB_TABLE_CHANNEL_COVER, $sql_data);
                        }
                        if (!$result) {
                            if (file_exists($path.$bwupload->proceed['cover_upload']['result_name'])) {
                                @chmod($path.$bwupload->proceed['cover_upload']['result_name'], $SETTING['chmod_mode_file']);
                                @unlink($path.$bwupload->proceed['cover_upload']['result_name']);
                            }
                            $result_state = "0";
                            $error_msg = "更新数据库失败<!-- upload db cover error -->";
                        }
                    }
                }
            }
        }
        $CONFIGURE['common']['if_output_template'] = "0";
        $prompt_style = $result_state == "1" ? "prompt_succeed" : "prompt_failed";
        $bwjs->write("parent.xajax_cover_upload_return('".$result_state."',
                   'amend',
                   '".$sys->get['channel_id']."',
                   'channel_amend',
                   'cover_upload_input',
                   '<input type=\"file\" id=\"cover_upload\" name=\"cover_upload\" size=\"30\" style=\"width:250px;\" class=\"input\" />',
                   'cover_upload_submit',
                   'cover_str',
                   'cover_upload_prompt',
                   '<span class=\"".$prompt_style."\">".$error_msg."</span>');");
    } else {

        $admin_id = $ADMIN['mid'];
        if (!preg_match("/^[0-9]+$/",$admin_id)){
            $result_state = "0";
            $error_msg = "非法操作<!-- admin_id error -->";
        } else {
            $filelist = func::db_select(DB_TABLE_CHANNEL_COVER, "*", "channel_id=0 AND admin_id=".$admin_id, "", "id DESC");
            if (count($filelist) > 1){
                $result = func::db_delete(DB_TABLE_CHANNEL_COVER, "channel_id=0 AND admin_id=".$admin_id." AND id!=".$filelist[0]['id']);
                if (!$result) {
                    $result_state = "0";
                    $error_msg = "删除多余的记录失败<!-- delete excrescent error -->";
                }
            }
            if ($result_state == "1") {
                $file_value = $filelist[0];
                if (!empty($file_value['dir'])){
                    $dir    = $file_value['dir'];
                    $path   = $SETTING['dir_channel_cover']."/".$dir;
                } else {
                    $dir    = $setting_cover['dir'];
                    $path   = $SETTING['dir_channel_cover']."/".$dir;
                }
                if (!file_exists($path)) { func::make_dir($path); }

                if( !$bwupload->upload_file($path,"cover_upload") ){
                    $result_state = "0";
                    $error_msg = $bwupload->error_msg."<!-- upload error -->";
                }else{
                    $result_state = $bwupload->proceed['cover_upload']['succeed'];
                    $error_msg = $bwupload->proceed['cover_upload']['error']."<!-- upload error message -->";
                    if ($result_state == "1") {
                        if (!empty($file_value['filename'])){
                            if (file_exists($path.$file_value['filename'])) {
                                @chmod($path.$file_value['filename'], $SETTING['chmod_mode_file']);
                                @unlink($path.$file_value['filename']);
                            }
                        }
                        $sql_data = array(
                            "dir"       => "'".$dir."'",
                            "filename"  => "'".$bwupload->proceed['cover_upload']['result_name']."'",
                            "channel_id"   => "'0'",
                            "admin_id"  => "'".$ADMIN['mid']."'",
                        );
                        if (count($filelist) > 0) {
                            $result = func::db_update(DB_TABLE_CHANNEL_COVER, $sql_data, "id=".$file_value['id']);
                        } else {
                            $result = func::db_insert(DB_TABLE_CHANNEL_COVER, $sql_data);
                        }
                        if (!$result) {
                            if (file_exists($path.$bwupload->proceed['cover_upload']['result_name'])) {
                                @chmod($path.$bwupload->proceed['cover_upload']['result_name'], $SETTING['chmod_mode_file']);
                                @unlink($path.$bwupload->proceed['cover_upload']['result_name']);
                            }
                            $result_state = "0";
                            $error_msg = "更新数据库失败<!-- upload db cover error -->";
                        }
                    }
                }
            }
        }
        $CONFIGURE['common']['if_output_template'] = "0";
        $prompt_style = $result_state == "1" ? "prompt_succeed" : "prompt_failed";
        $bwjs->write("parent.xajax_cover_upload_return('".$result_state."',
                   'add',
                   '".$ADMIN['mid']."',
                   'channel_add',
                   'cover_upload_input',
                   '<input type=\"file\" id=\"cover_upload\" name=\"cover_upload\" size=\"30\" style=\"width:250px;\" class=\"input\" />',
                   'cover_upload_submit',
                   'cover_str',
                   'cover_upload_prompt',
                   '<span class=\"".$prompt_style."\">".$error_msg."</span>');");
    }

}elseif($sys->get['ope'] == "move"){
 
    if (!preg_match("/^[1-9][0-9]*$/",$sys->get['channel_id'])) {
        $sys->prompt("failed","非法操作!<!-- channel_id error -->");
    }else{

        $channel_info  = $sys->return_channel_info($sys->get['channel_id']);
        if (!preg_match("/^[1-9][0-9]*$/",$channel_info['id'])) {
            $sys->prompt("failed","非法操作!<!-- channel_id error -->");
        } elseif ( $ADMIN['ag_privilege']['channel'] != "1" && ($ADMIN['ag_privilege']['channel'] != "3" || $channel_info['channel_manage_admin_id'] == "") ) {
            $sys->prompt("failed","您没有权限进行此操作!<!-- privilege not allow -->");
        } else {

            $sys->channel_tree = array();
            $sort_tree_from = $sys->return_channel_tree($sys->get['channel_id']);
            $sys->channel_tree = array();
            $sys->return_channel_tree();

            $sort_tree_to = array();
            foreach ($sys->channel_tree as $v) {
                $path = explode(",", $v['path']);
                if (in_array($sys->get['channel_id'], $path) || ($sys->channel_tree[$sys->get['channel_id']]['upper_id'] == $v['id']) ) {
                    $v['disable'] = "1";
                }
                $sort_tree_to[$v['id']] = $v;
            }
            if($sys->channel_tree[$sys->get['channel_id']]['upper_id'] == "0") {
                $sort_tree_to_root = "disable";
            }

            $t->assign(array(
                "sort_tree_from"    => $sort_tree_from,
                "sort_tree_to"      => $sort_tree_to,
                "sort_tree_to_root" => $sort_tree_to_root,
            ));
        }
    }
}elseif($sys->get['ope'] == "save_move"){
    // check the post
    if (!preg_match("/^[0-9]+$/",$sys->get['channel_id'])){
        $sys->prompt("failed","非法操作!<!-- channel_id error -->");
    }elseif(!preg_match("/^[0-9]+$/i",$sys->post['sort_tree_to'])){
        $sys->prompt("failed","目的类别格式错误,目的类别只能为数字!");
    }else{

        $channel_info           = $sys->return_channel_info($sys->get['channel_id']);
        if (!preg_match("/^[1-9][0-9]*$/",$channel_info['id'])) {
            $sys->prompt("failed","非法操作!<!-- channel_id error -->");
        } elseif ( $ADMIN['ag_privilege']['channel'] != "1" && ($ADMIN['ag_privilege']['channel'] != "3" || $channel_info['channel_manage_admin_id'] == "") ) {
            $sys->prompt("failed","您没有权限进行此操作!<!-- privilege not allow -->");
        } else {

            $sys->channel_tree = array();
            $sys->return_channel_tree();
            if ($sys->post['sort_tree_to'] == "0") {
                if ($sys->channel_tree[$sys->get['channel_id']]['upper_id'] == "0") {
                    $sys->prompt("failed","目标类别不正确!");
                }
            } else {
                $path = explode(",", $sys->channel_tree[$sys->post['sort_tree_to']]['path']);
                if ( in_array($sys->get['channel_id'], $path) || ($sys->channel_tree[$sys->get['channel_id']]['upper_id'] == $sys->post['sort_tree_to']) ) {
                    $sys->prompt("failed","目标类别不正确!");
                }
            }

            $sql = "UPDATE ".DB_TABLE_CHANNEL." SET
                        upper_id  = '".addslashes($sys->post['sort_tree_to'])."'
                    WHERE id=".$sys->get['channel_id']."";
            $result = $db->Execute($sql);
            if (!$result) {
                echo $db->ErrorMsg();
            }

            $sys->update_channel_path($sys->get['channel_id']);

            $sys->prompt("jump",$CONFIGURE['common']['control_admin']."?act=channel&channel_id=".$sys->post['sort_tree_to']."&pag=".$sys->get['pag']);
        }
    }

}elseif($sys->get['ope'] == "if_enable"){

   if (!preg_match("/^[0-9]+$/",$sys->get['channel_id'])) {
       $sys->prompt("failed","非法操作!<!-- channel_id error -->");
   } elseif (!preg_match("/^[123]{1}$/",$sys->get['if_enable'])) {
       $sys->prompt("failed","非法操作!<!-- if_enable error -->");
   } else {

        $channel_info   = $sys->return_channel_info($sys->get['channel_id']);
        if (!preg_match("/^[1-9][0-9]*$/",$channel_info['id'])) {
            $sys->prompt("failed","非法操作!<!-- channel_id error -->");
        } elseif ( $ADMIN['ag_privilege']['channel'] != "1" && ($ADMIN['ag_privilege']['channel'] != "3" || $channel_info['channel_manage_admin_id'] == "") ) {
            $sys->prompt("failed","您没有权限进行此操作!<!-- privilege not allow -->");
        } else {

            $sql = "SELECT upper_id FROM ".DB_TABLE_CHANNEL." WHERE id=".$sys->get['channel_id']."";
            $result = &$db->Execute($sql);
            if (!$result) {
                echo $db->ErrorMsg();
            } else {
                if (!$result->EOF) {
                    $channel_id = $result->fields['upper_id'];
                }
            }

            $sql_data = array(
                "if_enable" => $sys->get['if_enable'],
            );
            $result = func::db_update(DB_TABLE_CHANNEL, $sql_data, "id= '".$sys->get['channel_id']."'");
            if (!$result) {
                $sys->prompt("failed","非法操作!<!-- db_update failed -->");
            }
        }
        $sys->prompt("jump",$CONFIGURE['common']['control_admin']."?act=channel&channel_id=".$channel_id."&pag=".$sys->get['pag']);
   }

}elseif($sys->get['ope'] == "if_lock"){

   if (!preg_match("/^[0-9]+$/",$sys->get['channel_id'])) {
       $sys->prompt("failed","非法操作!<!-- channel_id error -->");
   } elseif (!preg_match("/^[123]{1}$/",$sys->get['if_lock'])) {
       $sys->prompt("failed","非法操作!<!-- if_lock error -->");
   } else {

        $channel_info   = $sys->return_channel_info($sys->get['channel_id']);
        if (!preg_match("/^[1-9][0-9]*$/",$channel_info['id'])) {
            $sys->prompt("failed","非法操作!<!-- channel_id error -->");
        } elseif ( $ADMIN['ag_privilege']['channel'] != "1" && ($ADMIN['ag_privilege']['channel'] != "3" || $channel_info['channel_manage_admin_id'] == "") ) {
            $sys->prompt("failed","您没有权限进行此操作!<!-- privilege not allow -->");
        } else {

            $sql = "SELECT upper_id FROM ".DB_TABLE_CHANNEL." WHERE id=".$sys->get['channel_id']."";
            $result = &$db->Execute($sql);
            if (!$result) {
                echo $db->ErrorMsg();
            } else {
                if (!$result->EOF) {
                    $channel_id = $result->fields['upper_id'];
                }
            }

            $sql_data = array(
                "if_lock" => $sys->get['if_lock'],
            );
            $result = func::db_update(DB_TABLE_CHANNEL, $sql_data, "id= '".$sys->get['channel_id']."'");
            if (!$result) {
                $sys->prompt("failed","非法操作!<!-- db_update failed -->");
            }
        }
        $sys->prompt("jump",$CONFIGURE['common']['control_admin']."?act=channel&channel_id=".$channel_id."&pag=".$sys->get['pag']);
   }

}elseif($sys->get['ope'] == "if_show"){

   if (!preg_match("/^[0-9]+$/",$sys->get['channel_id'])) {
       $sys->prompt("failed","非法操作!<!-- channel_id error -->");
   } elseif (!preg_match("/^[123]{1}$/",$sys->get['if_show'])) {
       $sys->prompt("failed","非法操作!<!-- if_show error -->");
   } else {

        $channel_info   = $sys->return_channel_info($sys->get['channel_id']);
        if (!preg_match("/^[1-9][0-9]*$/",$channel_info['id'])) {
            $sys->prompt("failed","非法操作!<!-- channel_id error -->");
        } elseif ( $ADMIN['ag_privilege']['channel'] != "1" && ($ADMIN['ag_privilege']['channel'] != "3" || $channel_info['channel_manage_admin_id'] == "") ) {
            $sys->prompt("failed","您没有权限进行此操作!<!-- privilege not allow -->");
        } else {

            $sql = "SELECT upper_id FROM ".DB_TABLE_CHANNEL." WHERE id=".$sys->get['channel_id']."";
            $result = &$db->Execute($sql);
            if (!$result) {
                echo $db->ErrorMsg();
            } else {
                if (!$result->EOF) {
                    $channel_id = $result->fields['upper_id'];
                }
            }

            $sql_data = array(
                "if_show" => $sys->get['if_show'],
            );
            $result = func::db_update(DB_TABLE_CHANNEL, $sql_data, "id= '".$sys->get['channel_id']."'");
            if (!$result) {
                $sys->prompt("failed","非法操作!<!-- db_update failed -->");
            }
        }
        $sys->prompt("jump",$CONFIGURE['common']['control_admin']."?act=channel&channel_id=".$channel_id."&pag=".$sys->get['pag']);
   }

}elseif($sys->get['ope'] == "if_recommend"){

   if (!preg_match("/^[0-9]+$/",$sys->get['channel_id'])) {
       $sys->prompt("failed","非法操作!<!-- channel_id error -->");
   } elseif (!preg_match("/^[123]{1}$/",$sys->get['if_recommend'])) {
       $sys->prompt("failed","非法操作!<!-- if_recommend error -->");
   } else {

        $channel_info   = $sys->return_channel_info($sys->get['channel_id']);
        if (!preg_match("/^[1-9][0-9]*$/",$channel_info['id'])) {
            $sys->prompt("failed","非法操作!<!-- channel_id error -->");
        } elseif ( $ADMIN['ag_privilege']['channel'] != "1" && ($ADMIN['ag_privilege']['channel'] != "3" || $channel_info['channel_manage_admin_id'] == "") ) {
            $sys->prompt("failed","您没有权限进行此操作!<!-- privilege not allow -->");
        } else {

            $sql = "SELECT upper_id FROM ".DB_TABLE_CHANNEL." WHERE id=".$sys->get['channel_id']."";
            $result = &$db->Execute($sql);
            if (!$result) {
                echo $db->ErrorMsg();
            } else {
                if (!$result->EOF) {
                    $channel_id = $result->fields['upper_id'];
                }
            }

            $sql_data = array(
                "if_recommend" => $sys->get['if_recommend'],
            );
            $result = func::db_update(DB_TABLE_CHANNEL, $sql_data, "id= '".$sys->get['channel_id']."'");
            if (!$result) {
                $sys->prompt("failed","非法操作!<!-- db_update failed -->");
            }
        }
        $sys->prompt("jump",$CONFIGURE['common']['control_admin']."?act=channel&channel_id=".$channel_id."&pag=".$sys->get['pag']);
   }

}elseif($sys->get['ope'] == "if_add"){

   if (!preg_match("/^[0-9]+$/",$sys->get['channel_id'])) {
       $sys->prompt("failed","非法操作!<!-- channel_id error -->");
   } elseif (!preg_match("/^[123]{1}$/",$sys->get['if_add'])) {
       $sys->prompt("failed","非法操作!<!-- if_add error -->");
   } else {

        $channel_info   = $sys->return_channel_info($sys->get['channel_id']);
        if (!preg_match("/^[1-9][0-9]*$/",$channel_info['id'])) {
            $sys->prompt("failed","非法操作!<!-- channel_id error -->");
        } elseif ( $ADMIN['ag_privilege']['channel'] != "1" && ($ADMIN['ag_privilege']['channel'] != "3" || $channel_info['channel_manage_admin_id'] == "") ) {
            $sys->prompt("failed","您没有权限进行此操作!<!-- privilege not allow -->");
        } else {

            $sql = "SELECT upper_id FROM ".DB_TABLE_CHANNEL." WHERE id=".$sys->get['channel_id']."";
            $result = &$db->Execute($sql);
            if (!$result) {
                echo $db->ErrorMsg();
            } else {
                if (!$result->EOF) {
                    $channel_id = $result->fields['upper_id'];
                }
            }

            $sql_data = array(
                "if_add" => $sys->get['if_add'],
            );
            $result = func::db_update(DB_TABLE_CHANNEL, $sql_data, "id= '".$sys->get['channel_id']."'");
            if (!$result) {
                $sys->prompt("failed","非法操作!<!-- db_update failed -->");
            }
        }
        $sys->prompt("jump",$CONFIGURE['common']['control_admin']."?act=channel&channel_id=".$channel_id."&pag=".$sys->get['pag']);
   }

}elseif($sys->get['ope'] == "if_guest"){

   if (!preg_match("/^[0-9]+$/",$sys->get['channel_id'])) {
       $sys->prompt("failed","非法操作!<!-- channel_id error -->");
   } elseif (!preg_match("/^[123]{1}$/",$sys->get['if_guest'])) {
       $sys->prompt("failed","非法操作!<!-- if_guest error -->");
   } else {

        $channel_info   = $sys->return_channel_info($sys->get['channel_id']);
        if (!preg_match("/^[1-9][0-9]*$/",$channel_info['id'])) {
            $sys->prompt("failed","非法操作!<!-- channel_id error -->");
        } elseif ( $ADMIN['ag_privilege']['channel'] != "1" && ($ADMIN['ag_privilege']['channel'] != "3" || $channel_info['channel_manage_admin_id'] == "") ) {
            $sys->prompt("failed","您没有权限进行此操作!<!-- privilege not allow -->");
        } else {

            $sql = "SELECT upper_id FROM ".DB_TABLE_CHANNEL." WHERE id=".$sys->get['channel_id']."";
            $result = &$db->Execute($sql);
            if (!$result) {
                echo $db->ErrorMsg();
            } else {
                if (!$result->EOF) {
                    $channel_id = $result->fields['upper_id'];
                }
            }

            $sql_data = array(
                "if_guest" => $sys->get['if_guest'],
            );
            $result = func::db_update(DB_TABLE_CHANNEL, $sql_data, "id= '".$sys->get['channel_id']."'");
            if (!$result) {
                $sys->prompt("failed","非法操作!<!-- db_update failed -->");
            }
        }
        $sys->prompt("jump",$CONFIGURE['common']['control_admin']."?act=channel&channel_id=".$channel_id."&pag=".$sys->get['pag']);
   }

}elseif($sys->get['ope'] == "if_anonymous"){

   if (!preg_match("/^[0-9]+$/",$sys->get['channel_id'])) {
       $sys->prompt("failed","非法操作!<!-- channel_id error -->");
   } elseif (!preg_match("/^[123]{1}$/",$sys->get['if_anonymous'])) {
       $sys->prompt("failed","非法操作!<!-- if_anonymous error -->");
   } else {

        $channel_info   = $sys->return_channel_info($sys->get['channel_id']);
        if (!preg_match("/^[1-9][0-9]*$/",$channel_info['id'])) {
            $sys->prompt("failed","非法操作!<!-- channel_id error -->");
        } elseif ( $ADMIN['ag_privilege']['channel'] != "1" && ($ADMIN['ag_privilege']['channel'] != "3" || $channel_info['channel_manage_admin_id'] == "") ) {
            $sys->prompt("failed","您没有权限进行此操作!<!-- privilege not allow -->");
        } else {

            $sql = "SELECT upper_id FROM ".DB_TABLE_CHANNEL." WHERE id=".$sys->get['channel_id']."";
            $result = &$db->Execute($sql);
            if (!$result) {
                echo $db->ErrorMsg();
            } else {
                if (!$result->EOF) {
                    $channel_id = $result->fields['upper_id'];
                }
            }

            $sql_data = array(
                "if_anonymous" => $sys->get['if_anonymous'],
            );
            $result = func::db_update(DB_TABLE_CHANNEL, $sql_data, "id= '".$sys->get['channel_id']."'");
            if (!$result) {
                $sys->prompt("failed","非法操作!<!-- db_update failed -->");
            }
        }
        $sys->prompt("jump",$CONFIGURE['common']['control_admin']."?act=channel&channel_id=".$channel_id."&pag=".$sys->get['pag']);
   }

}elseif($sys->get['ope'] == "del"){
    // check the post
    if (!preg_match("/^[0-9]+$/",$sys->get['channel_id'])){
        $sys->prompt("failed","非法操作!<!-- channel_id error -->");
    }else{

        $channel_info   = $sys->return_channel_info($sys->get['channel_id']);
        if (!preg_match("/^[1-9][0-9]*$/",$channel_info['id'])) {
            $sys->prompt("failed","非法操作!<!-- channel_id error -->");
        } elseif ( $ADMIN['ag_privilege']['channel'] != "1" && ($ADMIN['ag_privilege']['channel'] != "3" || $channel_info['channel_manage_admin_id'] == "") ) {
            $sys->prompt("failed","您没有权限进行此操作!<!-- privilege not allow -->");
        } else {

            $total_record = func::db_count_record(DB_TABLE_CHANNEL, "upper_id=".$sys->get['channel_id']);
            if ($total_record > 0) {
                $sys->prompt("failed","类别非空!");
            }

            $sql = "SELECT id,upper_id FROM ".DB_TABLE_CHANNEL." WHERE id=".$sys->get['channel_id']."";
            $result = &$db->Execute($sql);
            if (!$result) {
                echo $db->ErrorMsg();
            } else {
                if (!$result->EOF) {
                    $upper_id = $result->fields['upper_id'];
                    $filelist = func::db_select(DB_TABLE_CHANNEL_COVER, "*", "channel_id=".$result->fields['id'], "", "id DESC");
                    if (!empty($filelist)){
                        foreach($filelist as $file){
                            chmod($SETTING['dir_channel_cover']."/".$file['dir']."/".$file['filename'], $SETTING['chmod_mode_file']);
                            unlink($SETTING['dir_channel_cover']."/".$file['dir']."/".$file['filename']);
                        }
                        $delete_result = func::db_delete(DB_TABLE_CHANNEL_COVER, "channel_id=".$result->fields['id']."");
                        if (!$delete_result) {
                            $sys->prompt("failed","封面数据库信息删除失败!<!-- db cover delete failed -->");
                        }
                    }
                }
            }

            $sql = "DELETE FROM ".DB_TABLE_CHANNEL_MANAGE."
                    WHERE channel_id=".$sys->get['channel_id'];
            $result = $db->Execute($sql);
            if (!$result) {
                echo $db->ErrorMsg();
            }

            $sql = "DELETE FROM ".DB_TABLE_CHANNEL."
                    WHERE id=".$sys->get['channel_id'];
            $result = $db->Execute($sql);
            if (!$result) {
                echo $db->ErrorMsg();
            }
        }
        $sys->prompt("jump",$CONFIGURE['common']['control_admin']."?act=channel&channel_id=".$upper_id."&pag=".$sys->get['pag']);
    }

}else{

    if( !preg_match("/^[0-9]*$/",$sys->get['channel_id'])  ){
        $sys->prompt("failed","非法操作!<!-- channel_id error -->");
    }else{
        $channel_info  = $sys->return_channel_info($sys->get['channel_id']);
        $sys->channel_sub = array();
        $sys->return_channel_sub($sys->get['channel_id']);
        $t->assign(array(
            "channel_sub"   => $sys->channel_sub,
            "channel_info"  => $channel_info,
        ));
    }
}
?>
